around, u will some other boxes hidden, e.g, 41.203.208.26, and
another well firewalled appserver =196.201.208.57. Lemmie not expose
more.
On 9/29/10, Peter Karunyu <pkarunyu@gmail.com> wrote:
> In my opinion, security of web apps is a cumulative task where you secure
> everything that can be secured within reason. So far, these are the points:
>
> 1. If a reverse DNS lookup can yield the IP address of
> domains.safaricom.co.ke, we have a target.
> 2. Due to the lack of custom 404 error handlers, we know the target runs
> RHEL5
> 3. We also know there is a database on that target, we just need to find the
> port its using.
> 4. We have a possibly working
> username<http://domains.safaricom.co.ke/webim/client.php>for that
> database, its a matter of guessing the password.
> 5. We know that PHP 5.2.9 <http://www.securityfocus.com/bid/36449/info> has
> specific vulnerabilities on RHEL5
>
> If I was running that server, I would rather not have the facts above
> available to the general public, regardless of whether that server hosts
> "hello world" pages or not.
>
> Next question I would ask, is domains.safaricom.co.ke a target worthy of the
> effort?
>
--
--
Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
I.T Security Analyst and Penetration Tester
infosigmer@inbox.com
{FORUM}http://lists.my.co.ke/pipermail/security/
http://nspkenya.blogspot.com/
http://chuksjonia.blogspot.com/
_______________________________________________
Skunkworks mailing list
Skunkworks@lists.my.co.ke
http://orion.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
------------
Skunkworks Server donations spreadsheet
http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1fbjAwOUE&hl=en
------------
Skunkworks Rules
http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
------------
Other services @ http://my.co.ke
No comments:
Post a Comment